Bug 2436105 (CVE-2025-61639)
| Summary: | CVE-2025-61639 MediaWiki: MediaWiki: Sensitive information exposure to unauthorized actors | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | Keywords: | Security |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in MediaWiki. This vulnerability, categorized as an Exposure of Sensitive Information to an Unauthorized Actor, allows an unauthorized individual to access sensitive data. The issue stems from how MediaWiki handles logging and recent changes, potentially leading to the disclosure of confidential information.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2436299, 2436302 | ||
| Bug Blocks: | |||
|
Description
OSIDB Bzimport
2026-02-03 00:01:42 UTC
|